<?php

require_once('functions/pageLoad.php');

$page_title = 'Reset password';

if($_SERVER['REQUEST_METHOD'] == 'POST'){

	$sql = "SELECT id, firstname, surname, email, password FROM users WHERE email = '".mysql_real_escape_string($_POST['email_reset'])."' LIMIT 0,1";
	$query=mysql_query( $sql ) or die ("Error in query: $sql . " . mysql_error());
	$rs=mysql_fetch_assoc($query);
	$rows = mysql_num_rows($query);

	if($rows > 0){	

	require("classes/class.phpmailer.php");
	$mail2 = new PHPMailer();
	$mail2->IsSMTP(); // telling the class to use SMTP
	$mail2->Host = "localhost"; // SMTP server
	$mail2->From = $settings['no_reply_email'];
	$mail2->FromName = "I Want A Tradesman";

	$mail2->AddAddress($rs['email']);

	$mail2->Subject = "Password reset";
	$mail2->Body = "Dear ".$rs['firstname']." ".$rs['surname']."\r\n\r\nYou have requested to reset your password on I Want A Tradesman. Please visit the link below to choose a new password.\r\n\r\nPassword reset link: http://www.iwantatradesman.co.uk/password-reset?token=".$rs['password']."-".$rs['id']."\r\n\r\nIf you did not make this request, please report this immediately by emailing us at: abuse@iwantatradesman.co.uk\r\n\r\nKind regards\r\n\r\nThe I Want A Tradesman Team\r\n\r\n\r\nThis email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.";

	$mail2->Send();

	$results = '<div class="yellow_box"><p style="color: #009900; font-weight: bold;">We have sent you an email, please check your inbox to reset your password.</p></div>';

	}

	else{

	$results = '<div class="yellow_box"><p><span style="color: #cc0000; font-weight: bold;">Error:</span> No account was found with that email address.</p></div>';

	}
}

include('includes/meta.php');
include('includes/header.php');
include('includes/navigation.php');

?>

<h1>Reset password</h1>

<?php echo $results; ?>

<p class="noTop">To reset your password, please enter your email address below. You will then be sent a link to reset your password.</p>

<form method="post" action="/reset-password" id="reset-password">

<div id="registration_form">

<div class="rowWrapper" id="email_reset_wrap">
<div class="rowLeft"><label for="email_reset">Email address:</label></div>
<div class="rowRight"><input type="text" name="email_reset" id="email_reset" class="textbox" value="<?php echo $_POST['email_reset']; ?>" placeholder="Please enter the email address you registered with." /></div>
</div>

<div class="rowWrapper">
<div class="rowLeft">&nbsp;</div>
<div class="rowRight">
<script type="text/javascript">document.write('<'+'a onclick="return formval(\'reset-password\');" style="cursor: pointer;"><'+'img src="/images/reset_password.gif" alt="Reset password" /><'+'/a>');</script>
<noscript><input type="submit" value="Reset password" class="blue_submit_button" /></noscript></div>
</div>

</div>

</form>

<?php 

include('includes/rightColumn.php');
include('includes/footer.php');

?>